Version bump, addresses CVE-2013-2174

Package-Manager: portage-2.1.12.2/cvs/Linux x86_64 Manifest-Sign-Key: 0xF52D4BBA
author: Anthony G. Basile <blueness@gentoo.org> 2013-06-22 14:25:17 +0000
committer: Anthony G. Basile <blueness@gentoo.org> 2013-06-22 14:25:17 +0000
commit: 3e32456393a86029899a0db39c282fa698a7ee92 (patch)
tree: 7a1fcced97c657357a4740c9205a008a2fd58c01 /net-misc/curl
parent: Respect AR. (diff)
download: historical-3e32456393a86029899a0db39c282fa698a7ee92.tar.gz
historical-3e32456393a86029899a0db39c282fa698a7ee92.tar.bz2
historical-3e32456393a86029899a0db39c282fa698a7ee92.zip
3 files changed, 225 insertions, 16 deletions
diff --git a/net-misc/curl/ChangeLog b/net-misc/curl/ChangeLog
index c6c5ab9084b6..b5ba3f1d1410 100644
--- a/net-misc/curl/ChangeLog
+++ b/net-misc/curl/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for net-misc/curl
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/ChangeLog,v 1.284 2013/06/09 23:00:44 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/ChangeLog,v 1.285 2013/06/22 14:24:52 blueness Exp $
+
+*curl-7.31.0 (22 Jun 2013)
+
+  22 Jun 2013; Anthony G. Basile <blueness@gentoo.org> +curl-7.31.0.ebuild:
+  Version bump, addresses CVE-2013-2174
 
   09 Jun 2013; Mike Frysinger <vapier@gentoo.org> metadata.xml:
   Add upstream CPE tag (security info) from ChromiumOS.
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index b5abb1085129..4adbd724a493 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -20,27 +20,29 @@ DIST curl-7.25.0.tar.bz2 2418060 SHA256 cfb29139dfeb2449bf8a89963c3aed7d87f03401
 DIST curl-7.26.0.tar.bz2 2422651 SHA256 fced262f16eb6bfcdcea15e04a7905ffcb5ff04b14a19ca35b9df86d6720d26a SHA512 da67063bc9907088ef8ecd6039b7a6c8c104060bc060561f2f3a8c23bf2f0dcc06e2d240275d08bcfb72e7ac8b0c22c3e191125dab4cfaa757ee2a892cb49159 WHIRLPOOL 61f0611b42bb6a61758cec1647335071bf0503681de2bbf38f33b4b70d1beb2df546e61efabcab642b29b57c1c1ca9275470a35b47f21b77752bf7ba276fb6d0
 DIST curl-7.29.0.tar.bz2 2556495 SHA256 9d78e8bac6fa101679ca82e72a24e55918c5d495d29acb1eff62610929d3832f SHA512 b14f9aa1441d2d9c5fd35210388a97e7ffa758dc453b788d0e56b1595d3fa303793e4b086393c04861bd30e577f3acfe5aacae468f59516d8b5f3d0d8e007e57 WHIRLPOOL 211c314639faceb6d7547b78da4b61f076ed439f0f8c0b14167517bd49e0093b27dac2c6c96ad7b157a7390d8f38ad32005498fbe79dfd7a276dc2c2f43361fa
 DIST curl-7.30.0.tar.bz2 2625976 SHA256 6b1c410387bea82601baec85d6aa61955794672e36766407e99ade8d55aaaf11 SHA512 5ee8e1e8a0e650a1875198b21cb8f9d125a3790883efc6d6c21c029552b4eba1203d96c6830866ce735dae1b63d61455f0c6a7c8b540acbef77451caf23e9dd5 WHIRLPOOL 3d378db225deba8d3eed97cea7cb75aa4f42a6aba023559c00f579a95e6988cc7f5b2ffa5005e08d186057c0cbb432aed410c45e74dc22b1b7bde1eba5b9debc
+DIST curl-7.31.0.tar.bz2 2679209 SHA256 a73b118eececff5de25111f35d1d0aafe1e71afdbb83082a8e44d847267e3e08 SHA512 56b69cf5ec6e4de2b38280fe03ce97dfad33f3f88d2147a0334dab5cd6cde30aef2f4d09761b1dc8d515b448b5c149aff7f15c6ccd235cdf951f3c021b360200 WHIRLPOOL a7b2fcab8c65edd83d89addf2c7fa3ea334d8554a4d69efe8ff40790e41d0dbe3bda0c471130f3401e39a79c1c264f141fd1843abfa588c2b58036474bc7d385
 EBUILD curl-7.21.4.ebuild 3514 SHA256 90020645c61c93a010fc61c020179e42ebcea70ee191fc8d18ac45916d99a328 SHA512 c5b55fdd2ec42e113eb190e3eb5895bc14c6abc97768d3d616360628a7be9a84703b690a860f5037c76dd1bbe858ec04035d69213284756840ef597a1d4f9882 WHIRLPOOL 07bbe20b8deecca17161311b8ccda88c6593b9aa73a29257bdde53ef720733ef9f2c10ae748e3e7c81bced17f372068e5b57e8fd07e027d528f5905825fc2434
 EBUILD curl-7.25.0-r1.ebuild 5834 SHA256 c14d3185b39d5ef166215b13d4e353f24945d2c8888ce99da8845e5ddfaad48d SHA512 868b5b3dcc038d124aa6a1dca8ff8957d9c76c5ec37ea2ea647c6ed15272066de53d439db99208ee20d146a5c505eb3b1044660e9e75c285ebc9c8353a3a6b11 WHIRLPOOL a35bd0a5d79f149ff9046c6ffb47a526e8569d06b72601fcf627df5805173ca2a27f4223ea9a78e181588383d2789a1ded8e37b9c20cb34561d7927930f4946b
 EBUILD curl-7.26.0.ebuild 6086 SHA256 785de5565ed98c5e46bb1d526936047c6b44fe087a3269c3932037b32b6597f9 SHA512 b6007e66f7ecf15f7ac152c4d4f747376476e710ab47fec1c9c58bc05cc4a4d0e4e8095f0e35348896267b3ef792e9299ce48ba36da5aac112ddc75c47f38b67 WHIRLPOOL 3cfc5497af90423b2bd20cf77ae9c94d8f4d8f82cc74e6d93eccb503c19fb930a9e121e748c0e19cb6ffd876bab7b50830405069a40e2ed24651fc51a624c246
 EBUILD curl-7.29.0-r1.ebuild 6457 SHA256 3b9e97bba30e0994988cc2d6ae6cf80c2dca864fc1134712cd906772a5ed05e6 SHA512 58dfc671aa91a28ab780a3089a4fd4924051ed50f02961121e78f669aa27238d043c711e3846dd1cd6b88d899b63064850e942f518151d2102730ed05fd99ba1 WHIRLPOOL 8e8856e758bea9e22ef7f309553dda753c10d6ec22ae9ade13ddeb88f01e065c6ef900cc244588bc6c8ac1dd01f8b81a099e125ae2eff7195e3c57fa7f503a03
 EBUILD curl-7.30.0.ebuild 6400 SHA256 dcd016f8201edcceff214875cc2fb2cf801c479c68468f7969721a87daca18dd SHA512 47d2b6a91932b9da560e21849a9a6277c01525eddded3c42e255b560f7f708e81b664483c0f3f9d89ebfea4b96540cfe3d22add94bde36597c9cf0e6e72d226a WHIRLPOOL 82664aff146f5aa7d0671d13a15317c193615594940b3f13d71e1e53a51d8768ebfd7278e832f423a0056d7bc3eb44b0ebde458d6e5e89d06fb55940f1aeece9
-MISC ChangeLog 44684 SHA256 cd43391752ba118c9417e59d32d3d2c750e3f65383ee90b7a0568180421e5457 SHA512 701235332e7508ddfbc913a9f076685f4755f37d2ff7e9eb777abeaee48c61f73259ba22c32cd516b8c1a446bec79654cacebd454bdb66b830590cc9ddc06491 WHIRLPOOL aee4632c67b00941aeadcf78adc0b5e20e2510406bd0f210a547df5e5ffd903e6704adcb1efca2a2b2640c539d39d5e6448e27344347394827353c158f2e0137
+EBUILD curl-7.31.0.ebuild 6415 SHA256 09de61b3df9d2b05f92f47767ac71f615d6b27ff070346cb664ace0c1fc58f4c SHA512 edb4cd1ca1e2a9b1960c725719d1f2896598950176def7e2c5677a7e7b6be806e3a49010485ab25845b79521f018c7fe80ed1ee1853fbd827b4375543a541a4b WHIRLPOOL 291b565ef32af82cc502be89b7b9e8bd8ad6a4616af98b3b584deb1fe0c7b3456e2fa06a8aa4917bd9ba625732e7ad0772d352ed24a1500951376e5cea94283c
+MISC ChangeLog 44831 SHA256 78556542afb2f2b2c785c8d29b2cb7a6cc19a790cd6c5992fab5a8414ab55553 SHA512 8000b115d4ac09bf907798b22d856bb62302fba8514cf6cc53c91864ca684569fa6b689bb2ea4bf4ea9809b3bdff476021f2d0ad1a9b728f2441cf012bcf330b WHIRLPOOL 153463856159859389cd17eac7e574858ce1c61ee43a9ff6a3648a1a00f659af43e53eaa94f6c2651c30ea39e1fd44a7946091c28186fc9fb104796965667954
 MISC metadata.xml 981 SHA256 cb4dabc1f49a7d2289bfcb55efbd6616065e3644a8abcbd8fa042197f50d24d0 SHA512 7b68f0152f489923abc61741ba809acc2ece8b3543a0fbe23e4a94386bd6bb1d2b8dd3b125dec210c8961aa8626e44736150e748a8f3fba56bc1bd573e29f982 WHIRLPOOL 543b50b6ec54b6488d8499807f1e171c79e5ca5b00d416ab6e22fd309dba11c24a4ef61f6c78fd434e61acdabb9644c3a422fca12125da418246da6be410f42d
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.19 (GNU/Linux)
+Version: GnuPG v2.0.20 (GNU/Linux)
 
-iQIcBAEBCAAGBQJRtQkiAAoJELEHsLL7fEFWHwUP+gKiHrtPI6CwzvG3fvAy9f8l
-4GsNCw++3a03GEVvan85DgEieuTjC6tca3t4WBrRs7tnKtyWze8i1WXyJr+T8e9a
-1Peh4x+3WyHx8rAN/LhcErWT0+iB26Q38Ae/MqdtDvfQLFbRHP9lnQVrnj6ysY9B
-rNbuG0a1cF3pFMdQmgtyjBAkTqNofzh1wUE59pjNP5UbskfuQz3fn88L+KNw7kOX
-OoeHXf10KnA+LR2vdmVt4ygxU89qxyU6Aa9/a1OG27dtxVFPqwWgsR56tPLjVnLa
-iuLH8PFRiiB5ELrGJ1YcbX8gLqnsPqqpZbSKf1Lh8ejNWEN7LezuTmFmafu9Qr2u
-6A9HTouYV1AdO93t9Cn02xRceGMulqk9sQGyHEUpyxDdVizea7kL8UGF45dIwz3C
-SQGeNMtOYqqm3VDqpTC9eisX8gZ8EAncpjwLJ/COkrndsfhIwp7kwzYKkXLiMVkT
-GMuH1+2uPsiicVuvJOR+Tz72+DNhr60eUbPzV+ou3OBjValG/3GuEHCMmGQHS2O2
-YnHOKbFVR1xCdM80BULVEdepuyoorfxAZ9yD/u5v5p6YSA4RtGjpXwEPaFSl6VKk
-Tor7PhHG1vYVqfb3nOmBTsYBvzHFaOXapz2BBuiej7tBsadm36QRjQLKerqczqEP
-z9FZcwu3+/8hncstpkPx
-=uWFf
+iQIcBAEBCAAGBQJRxbQLAAoJEJOE+m71LUu6shsQALe5fbFjfFzZNWfuvwmu5FWo
+5JcFUzPqjvrdwZ13/whokjBhtlHtAKrIpBmN/j5eoJM2dP6lrjXJZXDSOWbeYhyw
+Ft1vWQJo+y7BotLnq0ayw1u+So7iQm5XMGZAd5TD9E/QystqwS8gOfKJab55ODJ5
+A+4nHOOA+yyhgLQDnKj069VQY5IWTibV5V6Oyrrf9OAkLbZDxdeVq+UsAVeq+WhN
+hYwTpxmLWOjyhMZQQc4ByGAUzkRVdHHZFhhPxMg3kyl4flJFp/0SRZRUN1i7ANit
+oPeDRqtavzcy7Wbbev4sra/1oJzwhW7pwsglTip4NQNz/qC0YzFinOfmW+XC1tpJ
+V2aYgmpwM/uf5AhSO4ry3QxT/T3frCWqu4Qik+I4PS0EVDlRKeFacJPwcTsgmVkt
+VDunYnrSsUIB4zUC8bVf7ijzfEjXoSL9PPhnolpqRGJ13FJF1OIyKVjyWl38F6Vl
+PWC3hra5AthlFFiG4prtZ2lgZQ+CruHQ9nMcQowcDZSh5ceur35j370dsBR9Ti+6
+S7ZS1iO9ZcvfaliqBMZjUnfgQSW7pHnrgXd/1229OnJszNkIxmyyvPZRjriC1peO
+Rld8jlAGRzAxj404K16ejytC2bnWmMv7rn3ih6Y30+oBcNl5nAeqwb0ALsLKyj9T
+ZlKWj+WotY5LbKlosjZ4
+=uIWr
 -----END PGP SIGNATURE-----
diff --git a/net-misc/curl/curl-7.31.0.ebuild b/net-misc/curl/curl-7.31.0.ebuild
new file mode 100644
index 000000000000..9431904fb67f
--- /dev/null
+++ b/net-misc/curl/curl-7.31.0.ebuild
@@ -0,0 +1,202 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/curl-7.31.0.ebuild,v 1.1 2013/06/22 14:24:52 blueness Exp $
+
+EAPI="5"
+
+inherit autotools eutils prefix
+
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="http://curl.haxx.se/"
+SRC_URI="http://curl.haxx.se/download/${P}.tar.bz2"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="adns idn ipv6 kerberos ldap metalink rtmp ssh ssl static-libs test threads"
+IUSE="${IUSE} curl_ssl_axtls curl_ssl_cyassl curl_ssl_gnutls curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl"
+
+#lead to lots of false negatives, bug #285669
+RESTRICT="test"
+
+RDEPEND="ldap? ( net-nds/openldap )
+	ssl? (
+		curl_ssl_axtls?  ( net-libs/axtls  app-misc/ca-certificates )
+		curl_ssl_cyassl? ( net-libs/cyassl app-misc/ca-certificates )
+		curl_ssl_gnutls? (
+			|| (
+				( >=net-libs/gnutls-3[static-libs?] dev-libs/nettle )
+				( =net-libs/gnutls-2.12*[nettle,static-libs?] dev-libs/nettle )
+				( =net-libs/gnutls-2.12*[-nettle,static-libs?] dev-libs/libgcrypt[static-libs?] )
+			)
+			app-misc/ca-certificates
+		)
+		curl_ssl_openssl? ( dev-libs/openssl[static-libs?] )
+		curl_ssl_nss? ( dev-libs/nss app-misc/ca-certificates )
+		curl_ssl_polarssl? ( net-libs/polarssl app-misc/ca-certificates )
+	)
+	idn? ( net-dns/libidn[static-libs?] )
+	adns? ( net-dns/c-ares )
+	kerberos? ( virtual/krb5 )
+	metalink? ( >=media-libs/libmetalink-0.1.0 )
+	rtmp? ( media-video/rtmpdump )
+	ssh? ( net-libs/libssh2[static-libs?] )
+	sys-libs/zlib"
+
+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
+#	rtmp? (
+#		media-video/rtmpdump
+#		curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
+#		curl_ssl_polarssl? ( media-video/rtmpdump[polarssl] )
+#		curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,-polarssl,ssl] )
+#	)
+
+# ssl providers to be added:
+# fbopenssl  $(use_with spnego)
+
+# krb4 http://web.mit.edu/kerberos/www/krb4-end-of-life.html
+
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	test? (
+		sys-apps/diffutils
+		dev-lang/perl
+	)"
+
+# c-ares must be disabled for threads
+# only one ssl provider can be enabled
+REQUIRED_USE="
+	threads? ( !adns )
+	ssl? (
+		^^ (
+			curl_ssl_axtls
+			curl_ssl_cyassl
+			curl_ssl_gnutls
+			curl_ssl_openssl
+			curl_ssl_nss
+			curl_ssl_polarssl
+		)
+	)"
+
+DOCS=( CHANGES README docs/FEATURES docs/INTERNALS \
+	docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE)
+
+src_prepare() {
+	epatch \
+		"${FILESDIR}"/${PN}-7.30.0-prefix.patch \
+		"${FILESDIR}"/${PN}-respect-cflags-3.patch \
+		"${FILESDIR}"/${PN}-fix-gnutls-nettle.patch
+	sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
+
+	eprefixify curl-config.in
+	eautoreconf
+}
+
+src_configure() {
+	einfo "\033[1;32m**************************************************\033[00m"
+
+	# We make use of the fact that later flags override earlier ones
+	# So start with all ssl providers off until proven otherwise
+	local myconf=()
+	myconf+=( --without-axtls --without-cyassl --without-gnutls --without-nss --without-polarssl --without-ssl )
+	myconf+=( --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
+	if use ssl ; then
+		if use curl_ssl_axtls; then
+			einfo "SSL provided by axtls"
+			einfo "NOTE: axtls is meant for embedded systems and"
+			einfo "may not be the best choice as an ssl provider"
+			myconf+=( --with-axtls )
+		fi
+		if use curl_ssl_cyassl; then
+			einfo "SSL provided by cyassl"
+			einfo "NOTE: cyassl is meant for embedded systems and"
+			einfo "may not be the best choice as an ssl provider"
+			myconf+=( --with-cyassl )
+		fi
+		if use curl_ssl_gnutls; then
+			einfo "SSL provided by gnutls"
+			if has_version ">=net-libs/gnutls-3" || has_version "=net-libs/gnutls-2.12*[nettle]"; then
+				einfo "gnutls compiled with dev-libs/nettle"
+				myconf+=( --with-gnutls --with-nettle )
+			else
+				einfo "gnutls compiled with dev-libs/libgcrypt"
+				myconf+=( --with-gnutls --without-nettle )
+			fi
+		fi
+		if use curl_ssl_nss; then
+			einfo "SSL provided by nss"
+			myconf+=( --with-nss )
+		fi
+		if use curl_ssl_polarssl; then
+			einfo "SSL provided by polarssl"
+			einfo "NOTE: polarssl is meant for embedded systems and"
+			einfo "may not be the best choice as an ssl provider"
+			myconf+=( --with-polarssl )
+		fi
+		if use curl_ssl_openssl; then
+			einfo "SSL provided by openssl"
+			myconf+=( --with-ssl --without-ca-bundle --with-ca-path="${EPREFIX}"/etc/ssl/certs )
+		fi
+	else
+		einfo "SSL disabled"
+	fi
+	einfo "\033[1;32m**************************************************\033[00m"
+
+	# These configuration options are organized alphabetically
+	# within each category.  This should make it easier if we
+	# ever decide to make any of them contingent on USE flags:
+	# 1) protocols first.  To see them all do
+	# 'grep SUPPORT_PROTOCOLS configure.ac'
+	# 2) --enable/disable options second.
+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
+	# 3) --with/without options third.
+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
+	econf \
+		--enable-dict \
+		--enable-file \
+		--enable-ftp \
+		--enable-gopher \
+		--enable-http \
+		--enable-imap \
+		$(use_enable ldap) \
+		$(use_enable ldap ldaps) \
+		--enable-pop3 \
+		--enable-rtsp \
+		$(use_with ssh libssh2) \
+		--enable-smtp \
+		--enable-telnet \
+		--enable-tftp \
+		$(use_enable adns ares) \
+		--enable-cookies \
+		--enable-hidden-symbols \
+		$(use_enable ipv6) \
+		--enable-largefile \
+		--enable-manual \
+		--enable-proxy \
+		--disable-soname-bump \
+		--disable-sspi \
+		$(use_enable static-libs static) \
+		$(use_enable threads threaded-resolver) \
+		--disable-versioned-symbols \
+		--without-darwinssl \
+		$(use_with idn libidn) \
+		$(use_with kerberos gssapi "${EPREFIX}"/usr) \
+		--without-krb4 \
+		$(use_with metalink libmetalink)  \
+		$(use_with rtmp librtmp) \
+		--without-spnego \
+		--without-winidn \
+		--without-winssl \
+		--with-zlib \
+		"${myconf[@]}"
+}
+
+src_install() {
+	default
+	find "${ED}" -name '*.la' -delete
+	rm -rf "${ED}"/etc/
+
+	# https://sourceforge.net/tracker/index.php?func=detail&aid=1705197&group_id=976&atid=350976
+	insinto /usr/share/aclocal
+	doins docs/libcurl/libcurl.m4
+}
author	Anthony G. Basile <blueness@gentoo.org>	2013-06-22 14:25:17 +0000
committer	Anthony G. Basile <blueness@gentoo.org>	2013-06-22 14:25:17 +0000
commit	3e32456393a86029899a0db39c282fa698a7ee92 (patch)
tree	7a1fcced97c657357a4740c9205a008a2fd58c01 /net-misc/curl
parent	Respect AR. (diff)
download	historical-3e32456393a86029899a0db39c282fa698a7ee92.tar.gz historical-3e32456393a86029899a0db39c282fa698a7ee92.tar.bz2 historical-3e32456393a86029899a0db39c282fa698a7ee92.zip